Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

Remote encrypted storage?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Remote encrypted storage?

CFarenceCFarence Member
in Help

I have a storage server that I would like to mount on a machine, but I would like to have everything encrypted on the storage server.

I have looked at sshfs and encfs, but I get really slow throughput. Removing encfs from the mix, makes everything fly. It just seems that adding that encryption adds a little too much bulk to it. Since my transfer speeds drop down to 200kbps, when without encfs I get 8MB/s?

Does anyone know how I could pull this off? I would really like to have the storage mounted in a directory. I could have encfs store it locally and sync it over, but then I would be using local storage space to do that.

Comments

  • SilvengaSilvenga Member
    edited October 2014

    Although it might be more than you're looking for, Tahoe-lafs was designed to do this. Tahoe-lafs assumes the storage servers can and will be compromised by an attacker (provider-independent security).

    Another option is to optimise your current setup. For example, try to disable encryption and compression with your SSH tunnel (encfs should handle it). I've seen x8 times improvement when transferring files over SSH using rsync on an Atom core (no hardware support for encryption).

  • MarkTurnerMarkTurner Member

    Are you saying you want the filesystem encrypted as well as the transfer or just the transfer?

  • CFarenceCFarence Member

    @MarkTurner said:
    Are you saying you want the filesystem encrypted as well as the transfer or just the transfer?

    Both while in transit and while sitting on the remote storage server. I rather not do the encryption the remote system, encrypt before sending for storage

  • perennateperennate Member, Host Rep

    Tahoe-LAFS will be slower since it's intended for distributed setups. If you're on KVM, LUKS/eCryptfs shouldn't have as much overhead as FUSE-based software, and both come with many Linux distributions nowadays.

  • CFarenceCFarence Member

    @perennate said:
    Tahoe-LAFS will be slower since it's intended for distributed setups. If you're on KVM, LUKS/eCryptfs shouldn't have as much overhead as FUSE-based software, and both come with many Linux distributions nowadays.

    The storage machine is a dedicated atom server if that helps. How does LUKS/ecryptfs work?

  • perennateperennate Member, Host Rep
    edited October 2014

    LUKS: http://www.cyberciti.biz/hardware/howto-linux-hard-disk-encryption-with-luks-cryptsetup-command/

    eCryptfs: https://wiki.archlinux.org/index.php/ECryptfs#Setup_.26_Mounting

Sign In or Register to comment.